﻿Public Class Site
    Inherits System.Web.UI.MasterPage

    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load

        If IsSessionExpired() Then

            FormsAuthentication.RedirectToLoginPage()

        End If

    End Sub

    Public Function IsSessionExpired() As Boolean

        If HttpContext.Current.Session Is Nothing Then
            If (HttpContext.Current.Session.IsNewSession) Then

                Dim CookieHeaders As String = HttpContext.Current.Request.Headers("Cookie")

                If IsNothing(CookieHeaders) And (CookieHeaders.IndexOf("ASP.NET_SessionId") >= 0) Then
                    ' IsNewSession is true and session cookie exists,
                    ' so, ASP.NET session is expired
                    Return True
                End If
            End If
        End If

        ' Session is not expired and function will return False, 
        ' it could be new session, or existing active session
        Return False
    End Function

End Class